﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using ProjectManagement.Domain.Services;

namespace ProjectManagement.Web.Infrastructure
{
	public class PermissionAttribute:AuthorizeAttribute
	{
		//只需重载此方法，模拟自定义的角色授权机制
		protected override bool AuthorizeCore(HttpContextBase httpContext)
		{
			string currentRole = GetRole(httpContext.User.Identity.Name);
			if (Roles.Contains(currentRole))
				return true;
			return base.AuthorizeCore(httpContext);
		}

		private string GetRole(string name)
		{
			var userId = (new UserService()).GetUserByUserName(name).ID;
			var roleId = (new UserRoleService()).GetRoleId(userId);
			return (new RoleService()).GetRoleById(roleId).Name;
		}
	}
}